If someone has physical access to your PC, it depends on what YOU will do next: As for BitLocker, the TPM is a hardware solution that stores the key.
For example, in TrueCrypt, the key is actually derived from the password which the user keys in. However, I am personally not convinced that they work on all systems. Some answers alluded to various forensic tools. Therefore, never put both the recovery key and your computer together. The attacker should not be in possession of this key.
If you pass the TPM's integrity check, then the keys will be released to be used for on-the-fly encryption and decryption. Failing which, you get a BitLocker recovery key lockout, and must supply the recovery key in order to unlock the drive. Booting into another OS like Linux to extract passwords or the data will also not be possible, since the TPM will not release its keys if it sees you're booting into another OS (even if it is another Windows OS). Evil maid attacks are also mitigated, since the TPM will validate the pre-boot components to make sure that nothing has been tampered with.
You can't just extract keys out of the TPM hardware. In general, BitLocker is secure and is used by companies all over the world. I recommend Sami Laiho's talk on Building a Bullet Proof Bitlocker. Perhaps you can see my question for some related comments on BitLocker.